SlideShare a Scribd company logo

Deploying OpenStack with Ansible

Download as PPTX, PDF
Kevin Carter
Kevin Carter

Deploying OpenStack with ansible. Made possible by the OS-Ansible-Deployment project https://github.com/stackforge/os-ansible-deployment

1 of 38
Downloaded 173 times
Created by: Kevin Carter & Curtis Collicutt OS-Ansible-Deployment Deploying OpenStack with Ansible presentation > osad <<EOP 1
www.rackspace.com 2 Who am I? Kevin Carter ● Developer at the Rackspace Private Cloud ● Open source activist ● Cloud operations junkie ● Python aficionado ● Recovering rubyist ● Beer lover ● Soccer fanatic
www.rackspace.com 3 Who am I? Curtis Collicutt ● Lead OpenStack Engineer @ AURO ● Information Security ● Storage systems ● How do computers even? ● Films
4www.rackspace.com @robertcathey Cloud infra is hard. OpenStack is cloud infra. OpenStack is hard. This is news, apparently. “ ”
www.rackspace.com 5 OSAD and what we’re about ● Deployer Experience ● Vanilla OpenStack ● Scalability ● Stability
www.rackspace.com 6 Why are we here? In late 2013, the Rackspace Private Cloud team set out to solve our common deployment, maintenance, scalability, and stability problems.
www.rackspace.com 7 Distribution packaging of OpenStack ● Out of date packages ● Out of band configuration ● Packages include proprietary patches ● Time to bug resolution is longer than it should ● Broken dependencies
www.rackspace.com 8 Available deployment tooling ● Maybe, sometimes, sorta, eventually “consistent”, kinda? ● Upgrades difficult or impossible ● Steep learning curve
www.rackspace.com 9 Legacy architecture does not scale ● Almost all deployment systems reference an architecture that suffers from the “controller 1 controller 2” model ● VIP failover for OpenStack supporting services bound to break and when it does it’ll break spectacularly!
www.rackspace.com 10 What we devised A source-based installation of OpenStack, built within LXC containers, using a multi-master architecture orchestrated and deployed via Ansible.
www.rackspace.com 11 Why Ansible? ● Community engagement ● Orchestration ● Almost no code ● Low barrier to entry ● Crazy powerful, stupid simple
www.rackspace.com 12 Why containers? ● LXC ≈ More bare metal ● Compatible with many networking architectures ● Supports an LVM backend ● Stable
www.rackspace.com 13 What is OSAD? OSAD == OpenStack Ansible Deployment ● Uses LXC containers to isolate components and services ● Deploys OpenStack from upstream sources ● Runs on Ubuntu 14.04 ● Built for production ● No proprietary secrete sauce ○ But you could bolt on as much as you want ● Created following the KISS principle
www.rackspace.com 14 ● All Ansible tasks and roles target multiple nodes, even if that number is a multiple of one (1) ○ EVERYTHING is tagged! ● Process separation on infrastructure components (controller nodes) ○ Microservice-like, where it makes sense OSAD architecture
www.rackspace.com 15 ● Galera multi-master cluster ● RabbitMQ with mirrored queues and deterministic sorting of the master queues ● “Cheese shop” index build for your environment stored within your environment OSAD infrastructure components
www.rackspace.com 16 ● OSAD does not know about the “all in one” deployment ○ LXC enables the base system to deploy a multi-node cloud even with only one physical node ○ An AIO in our gate job emulates a 32 node cloud ● Neutron with the Linux Bridge agent offer stability and supportability ○ Open vSwitch is feature-full but Linux Bridge “just works”™ OSAD scale
www.rackspace.com 17 Community project ● We support Juno and Icehouse but the code contains Rackspace-isms ● Kilo is our first “community” release of OSAD ● 41 contributors presently in the project ○ Not all Rackers
www.rackspace.com 18 Community project We take our role within the community seriously! # Lines of change between Juno and Kilo git diff --stat juno kilo 1158 files changed, 39061 insertions(+), 81368 deletions(-)
www.rackspace.com 19 ● Deployer experience: Ansible ● Vanilla OpenStack: Source-based installation ● Scalability: Built within LXC containers ● Stability: Obviously! OSAD and what we’re about
www.rackspace.com 20 OSAD configuration ● OSAD configuration is your window into inventory ○ lives in /etc/openstack_deploy ● Dynamic inventory generated via config ● Compatible with Ansible static inventory ● Execution made simple using the openstack-ansible wrapper.
www.rackspace.com 21 OSAD deployment # Change to the playbooks directory cd /opt/os-ansible-deployment/playbooks # Open your favorite terminal multiplexer tmux new -s osad-deployment # Do all the things! openstack-ansible setup-everything.yml Go get coffee|food|beer, this will take a minute.
www.rackspace.com 22 What an OpenStack deployment looks like with OSAD Diagram not built to scale. Derived from an All in One Installation.
www.rackspace.com 23 OSAD adding a compute node # Execute run limited to the nova_compute group openstack-ansible setup-everything.yml --limit nova_compute compute_hosts: compute1: ip: 172.29.236.201 compute2: ip: 172.29.236.202 compute3: ip: 172.29.236.203 compute4: ip: 172.29.236.204 compute5: ip: 172.29.236.205 EDIT: /etc/openstack_deploy/openstack_user_config.yml
www.rackspace.com 24 OSAD adding an infrastructure node # Execute the setup with a limit on the infra groups we’re adding openstack-ansible setup-everything.yml --limit os-infra_all, shared-infra_all, identity_all shared-infra_hosts: infra1: ip: 172.29.236.101 os-infra_hosts: infra1: ip: 172.29.236.101 identity_hosts: infra1: ip: 172.29.236.101 EDIT: /etc/openstack_deploy/openstack_user_config.yml
www.rackspace.com 25 OSAD reconfiguring all of neutron # Execute a run limited to neutron_all openstack-ansible setup-everything.yml --limit neutron_all global_overrides: provider_networks: - network: container_bridge: "br-vxlan" container_type: "veth" container_interface: "eth10" ip_from_q: "tunnel" type: "vxlan" range: "1:1000" net_name: "vxlan" group_binds: - neutron_linuxbridge_agent EDIT: /etc/openstack_deploy/conf.d/neutron_networks.yml
www.rackspace.com 26 ● AURO - Public OpenStack Cloud ● Compute, Volume, Swift, Heat, Neutron ● Canadian data residency, ownership ● Vancouver region, Toronto up next AURO - OpenStack
www.rackspace.com 27 ● Not using as much as we’d like ● Mostly the infrastructure components ○ Rabbit, Galera, Memcached, etc ● Absolutely invaluable as an example ● Will continue to bring in more OSAD components as we operate over time ● Team somewhat new to config mgmt AURO & OSAD - What we are using
www.rackspace.com 28 ● Great example of: o Using Ansible o Deploying OpenStack o Testing - All in one, use of OpenStack infra ● Already supports Kilo ● Packaging and deploying OpenStack (ie. not using OS packages - Python Wheels very cool) ● Segregation of services AURO & OSAD - What we like
www.rackspace.com 29 ● Public cloud ● Midonet ● Different HA Model ● Billing ● Support Model ○ Multiple tiers of internal support AURO - Differences from OSAD
www.rackspace.com 30 ● Not to restart services in same run as changes o Need to control restarts in HA manner, rolling ● Every task tagged ● Continuously run (from Ansible Tower and/or Jenkins) ● Installing once is easy, operating forever is hard ● Ansible to help manage many small changes faster ● People don’t ssh into servers, only Ansible AURO - Ansible Guiding Principles
www.rackspace.com 31 ● Easy to use mostly idempotent modules then run a command or shell task and make a mess of it ● changed_when: False is too easy to stumble with ● Multiple environments ● Being able to run one-time commands across all systems is as powerful as it is dangerous $ ansible -a reboot all AURO - Ansible Struggles
www.rackspace.com 32 ● Deploy OpenStack from source ● Segregation of services ● More monitoring ● Ansible callback plugins are useful ● Learn more from OpenStack testing infra ● Need a couple modules o Midonet o Swift AURO - Near term improvements
www.rackspace.com 33 ● Be “Pluggable?” (What does that even mean?) o Neutron network - eg. Midonet o HA model - eg. ECMP/BGP load balancing ● Balancing community roles and playbooks with custom requirements ● Learn how to consume OSAD properly AURO - OSAD Comments/Ideas/Questions
www.rackspace.com ● Secrets (eg. Hashicorp Vault, KeyWhiz) ● Continuous integration...err integration ● Caching (Ansible has Redis, other ideas?) ● What is the “future” of config mgmt? Must be more than just pkg/config/start/bootstrap ● Change request workflow 34 AURO - Configuration Management Future
www.rackspace.com 35 ● Increase community participation in OSAD ○ Community members wanted! ○ Pull requests welcome :) ● Build out the operational modules found within the upstream ● Modular Dynamic inventory ● etc . . . Where does Ansible and OpenStack go from here?
www.rackspace.com 36 Q & A Twitter: @cloudnull IRC: cloudnull Email: kevin.carter@rackspace.com Twitter: @ccollicutt IRC: serverascode Email: curtis.collicutt@auro.io
37www.rackspace.com OSAD makes OpenStack™ NOSAD“ ”
www.rackspace.com Thank You! EOP 38
Ad

Recommended

Simple flexible deployments with openstack ansible
Simple flexible deployments with openstack ansibleSimple flexible deployments with openstack ansible
Simple flexible deployments with openstack ansible
Jean-Philippe Evrard
 
OpenStack-Ansible Project Update
OpenStack-Ansible Project UpdateOpenStack-Ansible Project Update
OpenStack-Ansible Project Update
Jesse Pretorius
 
Openstack ansible
Openstack ansibleOpenstack ansible
Openstack ansible
George Paraskevas
 
Andy McCrae, Rackspace - Using Ansible to Deploy and Automate OpenStack, Open...
Andy McCrae, Rackspace - Using Ansible to Deploy and Automate OpenStack, Open...Andy McCrae, Rackspace - Using Ansible to Deploy and Automate OpenStack, Open...
Andy McCrae, Rackspace - Using Ansible to Deploy and Automate OpenStack, Open...
Cloud Native Day Tel Aviv
 
Mirantis v OpenStack Ansible Dawn of Production
Mirantis v OpenStack Ansible Dawn of ProductionMirantis v OpenStack Ansible Dawn of Production
Mirantis v OpenStack Ansible Dawn of Production
TeK Charnsilp Chinprasert
 
OpenStack-Ansible Security
OpenStack-Ansible SecurityOpenStack-Ansible Security
OpenStack-Ansible Security
Major Hayden
 
Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStack
Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStackContainers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStack
Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStack
OpenStack
 
Openstack components as containerized microservices
Openstack components as containerized microservicesOpenstack components as containerized microservices
Openstack components as containerized microservices
Miguel Zuniga
 
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
OpenStack
 
Flexible, simple deployments with OpenStack-Ansible
Flexible, simple deployments with OpenStack-AnsibleFlexible, simple deployments with OpenStack-Ansible
Flexible, simple deployments with OpenStack-Ansible
Major Hayden
 
OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack and Rackspace – an Australian perspective: Tony Breeds, RackspaceOpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack
 
Build cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack AnsibleBuild cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack Ansible
Jirayut Nimsaeng
 
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
OpenStack
 
Devstack On Demand
Devstack On DemandDevstack On Demand
Devstack On Demand
Barak Merimovich
 
Cisco UCS loves Kubernetes, Docker and OpenStack Kolla
Cisco UCS loves Kubernetes, Docker and OpenStack KollaCisco UCS loves Kubernetes, Docker and OpenStack Kolla
Cisco UCS loves Kubernetes, Docker and OpenStack Kolla
Vikram G Hosakote
 
Openstack devops challenges
Openstack devops challenges Openstack devops challenges
Openstack devops challenges
openstackindia
 
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
OpenStack
 
OpenStack Neutron behind the Scenes
OpenStack Neutron behind the ScenesOpenStack Neutron behind the Scenes
OpenStack Neutron behind the Scenes
Anil Bidari ( CEO , Cloud Enabled)
 
Kolla - containerizing the cloud itself
Kolla - containerizing the cloud itselfKolla - containerizing the cloud itself
Kolla - containerizing the cloud itself
Michal Rostecki
 
Build a Basic Cloud Using RDO-manager
Build a Basic Cloud Using RDO-managerBuild a Basic Cloud Using RDO-manager
Build a Basic Cloud Using RDO-manager
K Rain Leander
 
Deploying openstack using ansible
Deploying openstack using ansibleDeploying openstack using ansible
Deploying openstack using ansible
openstackindia
 
Copr HD OpenStack Day India
Copr HD OpenStack Day IndiaCopr HD OpenStack Day India
Copr HD OpenStack Day India
openstackindia
 
kolla
kollakolla
kolla
Andrew Widddersheim
 
Enhancing OpenStack FWaaS for real world application
Enhancing OpenStack FWaaS for real world applicationEnhancing OpenStack FWaaS for real world application
Enhancing OpenStack FWaaS for real world application
openstackindia
 
Automating OpenStack Deployment with Fuel
Automating OpenStack Deployment with FuelAutomating OpenStack Deployment with Fuel
Automating OpenStack Deployment with Fuel
Tomasz Zen Napierala
 
Role of sdn controllers in open stack
Role of sdn controllers in open stackRole of sdn controllers in open stack
Role of sdn controllers in open stack
openstackindia
 
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
Vietnam Open Infrastructure User Group
 
TripleO
TripleO TripleO
TripleO
Kiran Murari
 
OpenStack Toronto Q2 MeetUp - June 1st 2017
OpenStack Toronto Q2 MeetUp - June 1st 2017OpenStack Toronto Q2 MeetUp - June 1st 2017
OpenStack Toronto Q2 MeetUp - June 1st 2017
Stacy Véronneau
 
Introduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New YorkIntroduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New York
Jérôme Petazzoni
 
Ad

More Related Content

What's hot (20)

How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
OpenStack
 
Flexible, simple deployments with OpenStack-Ansible
Flexible, simple deployments with OpenStack-AnsibleFlexible, simple deployments with OpenStack-Ansible
Flexible, simple deployments with OpenStack-Ansible
Major Hayden
 
OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack and Rackspace – an Australian perspective: Tony Breeds, RackspaceOpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack
 
Build cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack AnsibleBuild cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack Ansible
Jirayut Nimsaeng
 
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
OpenStack
 
Devstack On Demand
Devstack On DemandDevstack On Demand
Devstack On Demand
Barak Merimovich
 
Cisco UCS loves Kubernetes, Docker and OpenStack Kolla
Cisco UCS loves Kubernetes, Docker and OpenStack KollaCisco UCS loves Kubernetes, Docker and OpenStack Kolla
Cisco UCS loves Kubernetes, Docker and OpenStack Kolla
Vikram G Hosakote
 
Openstack devops challenges
Openstack devops challenges Openstack devops challenges
Openstack devops challenges
openstackindia
 
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
OpenStack
 
OpenStack Neutron behind the Scenes
OpenStack Neutron behind the ScenesOpenStack Neutron behind the Scenes
OpenStack Neutron behind the Scenes
Anil Bidari ( CEO , Cloud Enabled)
 
Kolla - containerizing the cloud itself
Kolla - containerizing the cloud itselfKolla - containerizing the cloud itself
Kolla - containerizing the cloud itself
Michal Rostecki
 
Build a Basic Cloud Using RDO-manager
Build a Basic Cloud Using RDO-managerBuild a Basic Cloud Using RDO-manager
Build a Basic Cloud Using RDO-manager
K Rain Leander
 
Deploying openstack using ansible
Deploying openstack using ansibleDeploying openstack using ansible
Deploying openstack using ansible
openstackindia
 
Copr HD OpenStack Day India
Copr HD OpenStack Day IndiaCopr HD OpenStack Day India
Copr HD OpenStack Day India
openstackindia
 
kolla
kollakolla
kolla
Andrew Widddersheim
 
Enhancing OpenStack FWaaS for real world application
Enhancing OpenStack FWaaS for real world applicationEnhancing OpenStack FWaaS for real world application
Enhancing OpenStack FWaaS for real world application
openstackindia
 
Automating OpenStack Deployment with Fuel
Automating OpenStack Deployment with FuelAutomating OpenStack Deployment with Fuel
Automating OpenStack Deployment with Fuel
Tomasz Zen Napierala
 
Role of sdn controllers in open stack
Role of sdn controllers in open stackRole of sdn controllers in open stack
Role of sdn controllers in open stack
openstackindia
 
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
Vietnam Open Infrastructure User Group
 
TripleO
TripleO TripleO
TripleO
Kiran Murari
 
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
OpenStack
 
Flexible, simple deployments with OpenStack-Ansible
Flexible, simple deployments with OpenStack-AnsibleFlexible, simple deployments with OpenStack-Ansible
Flexible, simple deployments with OpenStack-Ansible
Major Hayden
 
OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack and Rackspace – an Australian perspective: Tony Breeds, RackspaceOpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack
 
Build cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack AnsibleBuild cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack Ansible
Jirayut Nimsaeng
 
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
OpenStack
 
Devstack On Demand
Devstack On DemandDevstack On Demand
Devstack On Demand
Barak Merimovich
 
Cisco UCS loves Kubernetes, Docker and OpenStack Kolla
Cisco UCS loves Kubernetes, Docker and OpenStack KollaCisco UCS loves Kubernetes, Docker and OpenStack Kolla
Cisco UCS loves Kubernetes, Docker and OpenStack Kolla
Vikram G Hosakote
 
Openstack devops challenges
Openstack devops challenges Openstack devops challenges
Openstack devops challenges
openstackindia
 
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
OpenStack
 
OpenStack Neutron behind the Scenes
OpenStack Neutron behind the ScenesOpenStack Neutron behind the Scenes
OpenStack Neutron behind the Scenes
Anil Bidari ( CEO , Cloud Enabled)
 
Kolla - containerizing the cloud itself
Kolla - containerizing the cloud itselfKolla - containerizing the cloud itself
Kolla - containerizing the cloud itself
Michal Rostecki
 
Build a Basic Cloud Using RDO-manager
Build a Basic Cloud Using RDO-managerBuild a Basic Cloud Using RDO-manager
Build a Basic Cloud Using RDO-manager
K Rain Leander
 
Deploying openstack using ansible
Deploying openstack using ansibleDeploying openstack using ansible
Deploying openstack using ansible
openstackindia
 
Copr HD OpenStack Day India
Copr HD OpenStack Day IndiaCopr HD OpenStack Day India
Copr HD OpenStack Day India
openstackindia
 
kolla
kollakolla
kolla
Andrew Widddersheim
 
Enhancing OpenStack FWaaS for real world application
Enhancing OpenStack FWaaS for real world applicationEnhancing OpenStack FWaaS for real world application
Enhancing OpenStack FWaaS for real world application
openstackindia
 
Automating OpenStack Deployment with Fuel
Automating OpenStack Deployment with FuelAutomating OpenStack Deployment with Fuel
Automating OpenStack Deployment with Fuel
Tomasz Zen Napierala
 
Role of sdn controllers in open stack
Role of sdn controllers in open stackRole of sdn controllers in open stack
Role of sdn controllers in open stack
openstackindia
 
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
Vietnam Open Infrastructure User Group
 
TripleO
TripleO TripleO
TripleO
Kiran Murari
 

Similar to Deploying OpenStack with Ansible (20)

OpenStack Toronto Q2 MeetUp - June 1st 2017
OpenStack Toronto Q2 MeetUp - June 1st 2017OpenStack Toronto Q2 MeetUp - June 1st 2017
OpenStack Toronto Q2 MeetUp - June 1st 2017
Stacy Véronneau
 
Introduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New YorkIntroduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New York
Jérôme Petazzoni
 
Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015
Sean Dague
 
Thinking inside the box (shared)
Thinking inside the box (shared)Thinking inside the box (shared)
Thinking inside the box (shared)
Joe Brockmeier
 
Docker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xDocker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12x
rkr10
 
Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017
Dave Holland
 
To Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
To Russia with Love: Deploying Kubernetes in Exotic Locations On PremTo Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
To Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
CloudOps2005
 
Montreal OpenStack Q2 MeetUp - May 30th 2017
Montreal OpenStack Q2 MeetUp - May 30th 2017Montreal OpenStack Q2 MeetUp - May 30th 2017
Montreal OpenStack Q2 MeetUp - May 30th 2017
Stacy Véronneau
 
Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...
Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...
Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...
Elos Technologies s.r.o.
 
OpenStack Ottawa Q2 MeetUp - May 31st 2017
OpenStack Ottawa Q2 MeetUp - May 31st 2017OpenStack Ottawa Q2 MeetUp - May 31st 2017
OpenStack Ottawa Q2 MeetUp - May 31st 2017
Stacy Véronneau
 
The elastic stack on docker
The elastic stack on dockerThe elastic stack on docker
The elastic stack on docker
SmartWave
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
Marcelo Ochoa
 
Introduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionIntroduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" Edition
Jérôme Petazzoni
 
Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme PetazzoniWorkshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
TheFamily
 
Scalable Spark deployment using Kubernetes
Scalable Spark deployment using KubernetesScalable Spark deployment using Kubernetes
Scalable Spark deployment using Kubernetes
datamantra
 
VASCAN - Docker and Security
VASCAN - Docker and SecurityVASCAN - Docker and Security
VASCAN - Docker and Security
Michael Irwin
 
[BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes]
[BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes][BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes]
[BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes]
Wong Hoi Sing Edison
 
CEPH DAY BERLIN - WHAT'S NEW IN CEPH
CEPH DAY BERLIN - WHAT'S NEW IN CEPH CEPH DAY BERLIN - WHAT'S NEW IN CEPH
CEPH DAY BERLIN - WHAT'S NEW IN CEPH
Ceph Community
 
Introduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange CountyIntroduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange County
Jérôme Petazzoni
 
OpenStack Integration with OpenContrail and OpenDaylight
OpenStack Integration with OpenContrail and OpenDaylightOpenStack Integration with OpenContrail and OpenDaylight
OpenStack Integration with OpenContrail and OpenDaylight
Syed Moneeb
 
OpenStack Toronto Q2 MeetUp - June 1st 2017
OpenStack Toronto Q2 MeetUp - June 1st 2017OpenStack Toronto Q2 MeetUp - June 1st 2017
OpenStack Toronto Q2 MeetUp - June 1st 2017
Stacy Véronneau
 
Introduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New YorkIntroduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New York
Jérôme Petazzoni
 
Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015
Sean Dague
 
Thinking inside the box (shared)
Thinking inside the box (shared)Thinking inside the box (shared)
Thinking inside the box (shared)
Joe Brockmeier
 
Docker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xDocker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12x
rkr10
 
Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017
Dave Holland
 
To Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
To Russia with Love: Deploying Kubernetes in Exotic Locations On PremTo Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
To Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
CloudOps2005
 
Montreal OpenStack Q2 MeetUp - May 30th 2017
Montreal OpenStack Q2 MeetUp - May 30th 2017Montreal OpenStack Q2 MeetUp - May 30th 2017
Montreal OpenStack Q2 MeetUp - May 30th 2017
Stacy Véronneau
 
Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...
Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...
Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...
Elos Technologies s.r.o.
 
OpenStack Ottawa Q2 MeetUp - May 31st 2017
OpenStack Ottawa Q2 MeetUp - May 31st 2017OpenStack Ottawa Q2 MeetUp - May 31st 2017
OpenStack Ottawa Q2 MeetUp - May 31st 2017
Stacy Véronneau
 
The elastic stack on docker
The elastic stack on dockerThe elastic stack on docker
The elastic stack on docker
SmartWave
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
Marcelo Ochoa
 
Introduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionIntroduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" Edition
Jérôme Petazzoni
 
Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme PetazzoniWorkshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
TheFamily
 
Scalable Spark deployment using Kubernetes
Scalable Spark deployment using KubernetesScalable Spark deployment using Kubernetes
Scalable Spark deployment using Kubernetes
datamantra
 
VASCAN - Docker and Security
VASCAN - Docker and SecurityVASCAN - Docker and Security
VASCAN - Docker and Security
Michael Irwin
 
[BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes]
[BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes][BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes]
[BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes]
Wong Hoi Sing Edison
 
CEPH DAY BERLIN - WHAT'S NEW IN CEPH
CEPH DAY BERLIN - WHAT'S NEW IN CEPH CEPH DAY BERLIN - WHAT'S NEW IN CEPH
CEPH DAY BERLIN - WHAT'S NEW IN CEPH
Ceph Community
 
Introduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange CountyIntroduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange County
Jérôme Petazzoni
 
OpenStack Integration with OpenContrail and OpenDaylight
OpenStack Integration with OpenContrail and OpenDaylightOpenStack Integration with OpenContrail and OpenDaylight
OpenStack Integration with OpenContrail and OpenDaylight
Syed Moneeb
 
Ad

Recently uploaded (20)

2025-05-Q4-2024-Investor-Presentation.pptx
2025-05-Q4-2024-Investor-Presentation.pptx2025-05-Q4-2024-Investor-Presentation.pptx
2025-05-Q4-2024-Investor-Presentation.pptx
Samuele Fogagnolo
 
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
BookNet Canada
 
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul
 
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
SOFTTECHHUB
 
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptxIncreasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Anoop Ashok
 
Linux Professional Institute LPIC-1 Exam.pdf
Linux Professional Institute LPIC-1 Exam.pdfLinux Professional Institute LPIC-1 Exam.pdf
Linux Professional Institute LPIC-1 Exam.pdf
RHCSA Guru
 
Drupalcamp Finland – Measuring Front-end Energy Consumption
Drupalcamp Finland – Measuring Front-end Energy ConsumptionDrupalcamp Finland – Measuring Front-end Energy Consumption
Drupalcamp Finland – Measuring Front-end Energy Consumption
Exove
 
Heap, Types of Heap, Insertion and Deletion
Heap, Types of Heap, Insertion and DeletionHeap, Types of Heap, Insertion and Deletion
Heap, Types of Heap, Insertion and Deletion
Jaydeep Kale
 
How analogue intelligence complements AI
How analogue intelligence complements AIHow analogue intelligence complements AI
How analogue intelligence complements AI
Paul Rowe
 
Dev Dives: Automate and orchestrate your processes with UiPath Maestro
Dev Dives: Automate and orchestrate your processes with UiPath MaestroDev Dives: Automate and orchestrate your processes with UiPath Maestro
Dev Dives: Automate and orchestrate your processes with UiPath Maestro
UiPathCommunity
 
Role of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered ManufacturingRole of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered Manufacturing
Andrew Leo
 
AI and Data Privacy in 2025: Global Trends
AI and Data Privacy in 2025: Global TrendsAI and Data Privacy in 2025: Global Trends
AI and Data Privacy in 2025: Global Trends
InData Labs
 
HCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser EnvironmentsHCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser Environments
panagenda
 
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptxDevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
Justin Reock
 
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes
 
Generative Artificial Intelligence (GenAI) in Business
Generative Artificial Intelligence (GenAI) in BusinessGenerative Artificial Intelligence (GenAI) in Business
Generative Artificial Intelligence (GenAI) in Business
Dr. Tathagat Varma
 
Electronic_Mail_Attacks-1-35.pdf by xploit
Electronic_Mail_Attacks-1-35.pdf by xploitElectronic_Mail_Attacks-1-35.pdf by xploit
Electronic_Mail_Attacks-1-35.pdf by xploit
niftliyevhuseyn
 
Rusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond SparkRusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond Spark
carlyakerly1
 
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Impelsys Inc.
 
The Evolution of Meme Coins A New Era for Digital Currency ppt.pdf
The Evolution of Meme Coins A New Era for Digital Currency ppt.pdfThe Evolution of Meme Coins A New Era for Digital Currency ppt.pdf
The Evolution of Meme Coins A New Era for Digital Currency ppt.pdf
Abi john
 
2025-05-Q4-2024-Investor-Presentation.pptx
2025-05-Q4-2024-Investor-Presentation.pptx2025-05-Q4-2024-Investor-Presentation.pptx
2025-05-Q4-2024-Investor-Presentation.pptx
Samuele Fogagnolo
 
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
BookNet Canada
 
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul
 
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
SOFTTECHHUB
 
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptxIncreasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Anoop Ashok
 
Linux Professional Institute LPIC-1 Exam.pdf
Linux Professional Institute LPIC-1 Exam.pdfLinux Professional Institute LPIC-1 Exam.pdf
Linux Professional Institute LPIC-1 Exam.pdf
RHCSA Guru
 
Drupalcamp Finland – Measuring Front-end Energy Consumption
Drupalcamp Finland – Measuring Front-end Energy ConsumptionDrupalcamp Finland – Measuring Front-end Energy Consumption
Drupalcamp Finland – Measuring Front-end Energy Consumption
Exove
 
Heap, Types of Heap, Insertion and Deletion
Heap, Types of Heap, Insertion and DeletionHeap, Types of Heap, Insertion and Deletion
Heap, Types of Heap, Insertion and Deletion
Jaydeep Kale
 
How analogue intelligence complements AI
How analogue intelligence complements AIHow analogue intelligence complements AI
How analogue intelligence complements AI
Paul Rowe
 
Dev Dives: Automate and orchestrate your processes with UiPath Maestro
Dev Dives: Automate and orchestrate your processes with UiPath MaestroDev Dives: Automate and orchestrate your processes with UiPath Maestro
Dev Dives: Automate and orchestrate your processes with UiPath Maestro
UiPathCommunity
 
Role of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered ManufacturingRole of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered Manufacturing
Andrew Leo
 
AI and Data Privacy in 2025: Global Trends
AI and Data Privacy in 2025: Global TrendsAI and Data Privacy in 2025: Global Trends
AI and Data Privacy in 2025: Global Trends
InData Labs
 
HCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser EnvironmentsHCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser Environments
panagenda
 
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptxDevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
Justin Reock
 
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes
 
Generative Artificial Intelligence (GenAI) in Business
Generative Artificial Intelligence (GenAI) in BusinessGenerative Artificial Intelligence (GenAI) in Business
Generative Artificial Intelligence (GenAI) in Business
Dr. Tathagat Varma
 
Electronic_Mail_Attacks-1-35.pdf by xploit
Electronic_Mail_Attacks-1-35.pdf by xploitElectronic_Mail_Attacks-1-35.pdf by xploit
Electronic_Mail_Attacks-1-35.pdf by xploit
niftliyevhuseyn
 
Rusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond SparkRusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond Spark
carlyakerly1
 
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Impelsys Inc.
 
The Evolution of Meme Coins A New Era for Digital Currency ppt.pdf
The Evolution of Meme Coins A New Era for Digital Currency ppt.pdfThe Evolution of Meme Coins A New Era for Digital Currency ppt.pdf
The Evolution of Meme Coins A New Era for Digital Currency ppt.pdf
Abi john
 
Ad

Deploying OpenStack with Ansible

  • 1. Created by: Kevin Carter & Curtis Collicutt OS-Ansible-Deployment Deploying OpenStack with Ansible presentation > osad <<EOP 1
  • 2. www.rackspace.com 2 Who am I? Kevin Carter ● Developer at the Rackspace Private Cloud ● Open source activist ● Cloud operations junkie ● Python aficionado ● Recovering rubyist ● Beer lover ● Soccer fanatic
  • 3. www.rackspace.com 3 Who am I? Curtis Collicutt ● Lead OpenStack Engineer @ AURO ● Information Security ● Storage systems ● How do computers even? ● Films
  • 4. 4www.rackspace.com @robertcathey Cloud infra is hard. OpenStack is cloud infra. OpenStack is hard. This is news, apparently. “ ”
  • 5. www.rackspace.com 5 OSAD and what we’re about ● Deployer Experience ● Vanilla OpenStack ● Scalability ● Stability
  • 6. www.rackspace.com 6 Why are we here? In late 2013, the Rackspace Private Cloud team set out to solve our common deployment, maintenance, scalability, and stability problems.
  • 7. www.rackspace.com 7 Distribution packaging of OpenStack ● Out of date packages ● Out of band configuration ● Packages include proprietary patches ● Time to bug resolution is longer than it should ● Broken dependencies
  • 8. www.rackspace.com 8 Available deployment tooling ● Maybe, sometimes, sorta, eventually “consistent”, kinda? ● Upgrades difficult or impossible ● Steep learning curve
  • 9. www.rackspace.com 9 Legacy architecture does not scale ● Almost all deployment systems reference an architecture that suffers from the “controller 1 controller 2” model ● VIP failover for OpenStack supporting services bound to break and when it does it’ll break spectacularly!
  • 10. www.rackspace.com 10 What we devised A source-based installation of OpenStack, built within LXC containers, using a multi-master architecture orchestrated and deployed via Ansible.
  • 11. www.rackspace.com 11 Why Ansible? ● Community engagement ● Orchestration ● Almost no code ● Low barrier to entry ● Crazy powerful, stupid simple
  • 12. www.rackspace.com 12 Why containers? ● LXC ≈ More bare metal ● Compatible with many networking architectures ● Supports an LVM backend ● Stable
  • 13. www.rackspace.com 13 What is OSAD? OSAD == OpenStack Ansible Deployment ● Uses LXC containers to isolate components and services ● Deploys OpenStack from upstream sources ● Runs on Ubuntu 14.04 ● Built for production ● No proprietary secrete sauce ○ But you could bolt on as much as you want ● Created following the KISS principle
  • 14. www.rackspace.com 14 ● All Ansible tasks and roles target multiple nodes, even if that number is a multiple of one (1) ○ EVERYTHING is tagged! ● Process separation on infrastructure components (controller nodes) ○ Microservice-like, where it makes sense OSAD architecture
  • 15. www.rackspace.com 15 ● Galera multi-master cluster ● RabbitMQ with mirrored queues and deterministic sorting of the master queues ● “Cheese shop” index build for your environment stored within your environment OSAD infrastructure components
  • 16. www.rackspace.com 16 ● OSAD does not know about the “all in one” deployment ○ LXC enables the base system to deploy a multi-node cloud even with only one physical node ○ An AIO in our gate job emulates a 32 node cloud ● Neutron with the Linux Bridge agent offer stability and supportability ○ Open vSwitch is feature-full but Linux Bridge “just works”™ OSAD scale
  • 17. www.rackspace.com 17 Community project ● We support Juno and Icehouse but the code contains Rackspace-isms ● Kilo is our first “community” release of OSAD ● 41 contributors presently in the project ○ Not all Rackers
  • 18. www.rackspace.com 18 Community project We take our role within the community seriously! # Lines of change between Juno and Kilo git diff --stat juno kilo 1158 files changed, 39061 insertions(+), 81368 deletions(-)
  • 19. www.rackspace.com 19 ● Deployer experience: Ansible ● Vanilla OpenStack: Source-based installation ● Scalability: Built within LXC containers ● Stability: Obviously! OSAD and what we’re about
  • 20. www.rackspace.com 20 OSAD configuration ● OSAD configuration is your window into inventory ○ lives in /etc/openstack_deploy ● Dynamic inventory generated via config ● Compatible with Ansible static inventory ● Execution made simple using the openstack-ansible wrapper.
  • 21. www.rackspace.com 21 OSAD deployment # Change to the playbooks directory cd /opt/os-ansible-deployment/playbooks # Open your favorite terminal multiplexer tmux new -s osad-deployment # Do all the things! openstack-ansible setup-everything.yml Go get coffee|food|beer, this will take a minute.
  • 22. www.rackspace.com 22 What an OpenStack deployment looks like with OSAD Diagram not built to scale. Derived from an All in One Installation.
  • 23. www.rackspace.com 23 OSAD adding a compute node # Execute run limited to the nova_compute group openstack-ansible setup-everything.yml --limit nova_compute compute_hosts: compute1: ip: 172.29.236.201 compute2: ip: 172.29.236.202 compute3: ip: 172.29.236.203 compute4: ip: 172.29.236.204 compute5: ip: 172.29.236.205 EDIT: /etc/openstack_deploy/openstack_user_config.yml
  • 24. www.rackspace.com 24 OSAD adding an infrastructure node # Execute the setup with a limit on the infra groups we’re adding openstack-ansible setup-everything.yml --limit os-infra_all, shared-infra_all, identity_all shared-infra_hosts: infra1: ip: 172.29.236.101 os-infra_hosts: infra1: ip: 172.29.236.101 identity_hosts: infra1: ip: 172.29.236.101 EDIT: /etc/openstack_deploy/openstack_user_config.yml
  • 25. www.rackspace.com 25 OSAD reconfiguring all of neutron # Execute a run limited to neutron_all openstack-ansible setup-everything.yml --limit neutron_all global_overrides: provider_networks: - network: container_bridge: "br-vxlan" container_type: "veth" container_interface: "eth10" ip_from_q: "tunnel" type: "vxlan" range: "1:1000" net_name: "vxlan" group_binds: - neutron_linuxbridge_agent EDIT: /etc/openstack_deploy/conf.d/neutron_networks.yml
  • 26. www.rackspace.com 26 ● AURO - Public OpenStack Cloud ● Compute, Volume, Swift, Heat, Neutron ● Canadian data residency, ownership ● Vancouver region, Toronto up next AURO - OpenStack
  • 27. www.rackspace.com 27 ● Not using as much as we’d like ● Mostly the infrastructure components ○ Rabbit, Galera, Memcached, etc ● Absolutely invaluable as an example ● Will continue to bring in more OSAD components as we operate over time ● Team somewhat new to config mgmt AURO & OSAD - What we are using
  • 28. www.rackspace.com 28 ● Great example of: o Using Ansible o Deploying OpenStack o Testing - All in one, use of OpenStack infra ● Already supports Kilo ● Packaging and deploying OpenStack (ie. not using OS packages - Python Wheels very cool) ● Segregation of services AURO & OSAD - What we like
  • 29. www.rackspace.com 29 ● Public cloud ● Midonet ● Different HA Model ● Billing ● Support Model ○ Multiple tiers of internal support AURO - Differences from OSAD
  • 30. www.rackspace.com 30 ● Not to restart services in same run as changes o Need to control restarts in HA manner, rolling ● Every task tagged ● Continuously run (from Ansible Tower and/or Jenkins) ● Installing once is easy, operating forever is hard ● Ansible to help manage many small changes faster ● People don’t ssh into servers, only Ansible AURO - Ansible Guiding Principles
  • 31. www.rackspace.com 31 ● Easy to use mostly idempotent modules then run a command or shell task and make a mess of it ● changed_when: False is too easy to stumble with ● Multiple environments ● Being able to run one-time commands across all systems is as powerful as it is dangerous $ ansible -a reboot all AURO - Ansible Struggles
  • 32. www.rackspace.com 32 ● Deploy OpenStack from source ● Segregation of services ● More monitoring ● Ansible callback plugins are useful ● Learn more from OpenStack testing infra ● Need a couple modules o Midonet o Swift AURO - Near term improvements
  • 33. www.rackspace.com 33 ● Be “Pluggable?” (What does that even mean?) o Neutron network - eg. Midonet o HA model - eg. ECMP/BGP load balancing ● Balancing community roles and playbooks with custom requirements ● Learn how to consume OSAD properly AURO - OSAD Comments/Ideas/Questions
  • 34. www.rackspace.com ● Secrets (eg. Hashicorp Vault, KeyWhiz) ● Continuous integration...err integration ● Caching (Ansible has Redis, other ideas?) ● What is the “future” of config mgmt? Must be more than just pkg/config/start/bootstrap ● Change request workflow 34 AURO - Configuration Management Future
  • 35. www.rackspace.com 35 ● Increase community participation in OSAD ○ Community members wanted! ○ Pull requests welcome :) ● Build out the operational modules found within the upstream ● Modular Dynamic inventory ● etc . . . Where does Ansible and OpenStack go from here?
  • 36. www.rackspace.com 36 Q & A Twitter: @cloudnull IRC: cloudnull Email: [email protected] Twitter: @ccollicutt IRC: serverascode Email: [email protected]

Editor's Notes

  • #5: OpenStack is hard. plain and simple. Now I’m here to talk about how Ansible makes Operating and Deploying OpenStack clouds easier it by no means makes it simple. I have no magic pixie dust that makes OpenStack simple. Deployers that claim to have a scalable production ready OpenStack cloud in > 10 minutes are on crack. People writing configuration management software for OpenStack know that OpenStack is hard but we’re all out there trying to make life easier for everyone in the community.
  • #7: Talk about why I’m here presenting about Ansible and OpenStack Where did we come from? - Rackspace Private Cloud has been here a while. I’d go as far as saying we were the first. Don’t call it a comeback we’ve been here for years. Packaging OpenStack sucks, say why.
  • #8: Talk about why I’m here presenting about Ansible and OpenStack Where did we come from? - Rackspace Private Cloud has been here a while. I’d go as far as saying we were the first. Don’t call it a comeback we’ve been here for years. Packaging OpenStack sucks, say why.
  • #9: RCBOPS chef was a good example of the “run thrice” philosophy. - Stackforge chef cookbooks is not much better Upgrading required a lot of retool for ever release, even if it's a point release. If you're using Puppet or Chef you’re learning a “DSL” which is more like a language than a task driven system. Additionally when coming from the greater OpenStack community telling people that they need to learn Ruby or some variant there of is a hard sell.
  • #10: The controller model makes it hard or impossible to scale past 2 controllers and in production under heavy workloads we’ve found that operators need the ability to scale beyond the two node limit. If you use the controller model and you have two of them, then you likely have a VIP that fails over between the two nodes this VIP failover is error prone and makes services like plain jane MySQL and RabbitMQ very unhappy. The controller model generally does not account for the issues that can be caused when using mirrored queues.
  • #11: Talk about why I’m here presenting about Ansible and OpenStack Where did we come from? - Rackspace Private Cloud has been here a while. I’d go as far as saying we were the first. Don’t call it a comeback we’ve been here for years. Packaging OpenStack sucks, say why.
  • #12: * Community, community, community… * The power of true orchestration and task driven deployments, not a system of run thrice until nice. * YAML is not code, YAML is easy to read, YAML is not code, YAML is easy to read. * Everything is SSH, no agent, no CVEs due to agents. * If the environment is large enough simply set Ansible forks accordingly and go… * We made the LXC module. ** Pull request from rackspace for use of lxc in ansible natively: https://github.com/ansible/ansible-modules-extras/pull/123
  • #13: * LXC is almost more bare metal. With LXC we can simulate additional host machines and treat the containers like just the same as we would another physical node. * LXC is compatible with a lot of networks: veth, vlan, macvlan, and even physical device management. * LXC can be built in an LVM using a real filesystem that can handle a production workload. * LXC is rock solid. Container don’t crash under our workload, we’ve had containers up with impressive uptime, though we still treat them like disposable resources.
  • #14: * OSAD is in stackforge and is gated using the OpenStack development process and model. * Everything is tested with tempest. * Containers for process and service separation. * OpenStack services are installed from upstream sources. * No proprietary software that you have to buy into. ^ and we have scale using OpenStack as it was intended from the upstream developers. Our OpenStack deployment includes: galera, rabbitmq, repository servers, rsyslog, memcached, keystone, glance, nova, neutron, heat, cinder, tempest, swift, horizon
  • #15: * Ansible tagging allows me to run one logical set of tasks in a given role. - Within the roles everything is a namespaced, even the tags. - there are presently 319 tags in master. * Process and service separation in containers means everything is a “node”.
  • #16: * In the spirit of all things open source, we use MariaDB + Galera. * Your own personal PyPi index, local to your deployment is always available to you, but it’s also mirrored at: - http://rpc-repo.rackspace.com/ - https://mirror.rackspace.com/rackspaceprivatecloud/
  • #17: * All in One simulates a larger environment than most production clouds. * We used OVS, it worked, until it didn’t. - For production we use LinuxBridge and in the future we’ll visit other plugins.
  • #18: * We have an internally elected PTL at this point, though we’ll have a formal election soon. * Everything is gated through gerrit. The community commitment within the project forced us to refactor to make the system more supportable from the perspective of the greater community. That refactor forced us to “keystone-lite” the repo such that it removed all of the Rackspace-isms making the deployment system more generic. Contributor list # git log --format='%aN' | sort -u | wc -l
  • #19: The community commitment within the project forced us to refactor to make the system more supportable from the perspective of the greater community. That refactor forced us to “keystone-lite” the repo such that it removed all of the Rackspace-isms making the deployment system more generic. * We have an internally elected PTL (me) at this point, though we’ll have a formal election soon. * Everything is gated through gerrit. * When we committed to stackforge we excised cruft and deployment decisions that only benefited the Rackspace Private Cloud * We made the decision to follow Ansible best practices to the letter where we could. Total lines of content in juno which includes all the things within the repo. # find . -type f -exec grep -v -e '^#' -e '^$' {} \; | wc -l 77391 Total lines of content in master which includes all the things within the repo. # find . -type f -exec grep -v -e '^#' -e '^$' {} \; | wc -l 37045 Lines of YAML no comments no new lines in master # find . -type f -name '*.yml' -exec grep -v -e '^#' -e '^$' {} \; | wc -l 9881
  • #20: Vanilla OpenStack, in terms of the bits that power all of OpenStack is simpler to use, operate, and understand. Simple is amazing! * https://github.com/docker/docker/issues/7229 * https://www.mail-archive.com/[email protected]/msg03847.html * http://www.linuxquestions.org/questions/linux-general-1/which-linux-distros-use-aufs-unionfs-630594/ Cloud components are cattle, spend 30 minutes troubleshooting a broken component and if its not simple to fix kill them when they misbehave.
  • #21: This is what a basic openstack_user_config.yml file looks like. * It’s easy to get started * the config is simple to understand * can become as complex as you want it. The basic openstack_user_config.yml file is essentially your entry point into Ansible inventory.
  • #23: ascii diagram of stack.
  • #24: This is what a basic openstack_user_config.yml file looks like. * Its easy to get started * the config is simple to understand * can become as complex as you want it. The basic openstack_user_config.yml file is essentially your entry point into Ansible inventory.
  • #25: This is what a basic openstack_user_config.yml file looks like. * Its easy to get started * the config is simple to understand * can become as complex as you want it. The basic openstack_user_config.yml file is essentially your entry point into Ansible inventory.
  • #26: This is what a basic openstack_user_config.yml file looks like. * Its easy to get started * the config is simple to understand * can become as complex as you want it. The basic openstack_user_config.yml file is essentially your entry point into Ansible inventory.
  • #27: Thanks to Kevin and the OpenStack Ansible Deployment team, all the people who have contributed. As usual we are standing on the shoulders of giants, from OSAD to Ansible to OpenStack to Linux and more I’m not used to speaking in front of this many people, so forgive my mistakes AURO - one of the few OpenStack public clouds in Canada, we have a lot of work ahead of us with with such a great community we can get the job done Canadian data residency and ownership is important to many of our customers Fairly stock OpenStack other than using Midonet
  • #28: We started our second generation deployment while the OSAD team was working on moving from Juno to Kilo and removing “raxisms”, we had to get started and that has caused us not to use as much of OSAD as we would like We definitely have some thinking and learning to do in terms of creating a process and workflow to consume OSAD and to integrate our particular infrastructure choices When we upgrade from Juno to Kilo we will bring in much more of OSAD, if not all We have a lot of work to do in terms of getting our organization up to speed and into a more “devopsy” style of working Having full, working config files is a tremendous help to anyone deploying OpenStack
  • #29: We like the emphasis on testing, that is the only way we will be able to continuously improve our deployment, the only way we will be able to operate a cloud over a long period of time We need to get off of our dependency on the os packages, we will deploy from source using OSAD’s methodology We really want to be part of the Ansible, Openstack, and OSAD community, we are committed to giving back where we can, low on resources at the moment though Segregation of services is important to us
  • #30: Public cloud is in many ways quite different than private cloud We have multiple tiers of support and need to ensure they have the tools to do their job but also keep segregation of duties We have to bill people, will be implementing stacktach, currently our own internal system
  • #31: I think one of the most powerful things about ansible is the ability to use it to operate openstack over time, not just initial deployment
  • #32: These are things that I personally struggle with and are not necessarily issues with Ansible or OSAD; have to watch I don’t shoot myself in the foot so to speak Ansible’s power and flexibility are...very powerful, almost too powerful in some cases
  • #33: I wrote a quick callback plugin to send a notification to slack when a playbook causes changes or fails
  • #34: I think it’s good that we are a public cloud and want to use OSAD Mostly we just need to figure out how to use as much as OSAD as possible while still having a unique environment Though almost all OpenStack deployments are unique
  • #35: I do struggle with secrets and variables in Ansible If we need to do ITIL like things, how do we do that with config mgmt? Ansible as the “execution engine” for change mgmt, “continuous improvement” CONCLUSION: Basically we consume as much of OSAD as we can, add our custom requirements and account for differences, then wrap that all in monitoring, continuous integration and change management Again thanks to the community, we have a lot of work to do for AURO and a lot of learning to do and changes to implement Thanks to all the people writing modules too
  • #36: Talk about where Ansible and OpenStack go from here. modules commits upstream improving ansible issues we’ve faced